Applies, configures and manages complex security systems. Administers complex security configurations to control access to hardware, software and networks. Applies advanced encryption methods.
- Plans, configures, designs, develops, implements and maintains tools, systems, and procedures to ensure the integrity, reliability, and security of data, systems, and networks. Operates and maintains security-focused information systems, supports the security hardening of information systems, and advances enterprise security practices. Proactively identify opportunities and implement solutions to automate and otherwise improve information security operational processes. Manages systems and services involving multiple, integrated systems. Makes recommendations for purchase or upgrade of new computer hardware, software and services. Performs moderately complex analysis to acquire, install, modify and support operating systems, software, databases, utilities and / or tools. Creates project plans. Understands and applies industry practices, community standards and department / unit policies and procedures relating to work assignments. May serve as technical lead for a project of moderate scope. Trains users. Negotiates project plans with stakeholders. May conduct penetration testing and network scanning activities to report, identify, and track assets and vulnerabilities throughout the systems lifecycle.
|
40 |
Implements complex and/or moderate-scale security controls to prevent unauthorized access or changes to campus, medical center or Office of the President information, hardware, software and/or network infrastructure. Independently researches, analyzes and addresses attempted efforts to compromise security protocols. Advises departments on security prevention and best practices.
- Helps maintain the confidentiality, integrity, and availability of institutional information by applying complex and/or moderate-scale security policies and configurations. Research and provide input on information security policies, trusted computing architectures, and security engineering practice/process. Resolves procedural and technical issues in the context of department policies and procedures. Interacts with teams of advanced IT professionals as a proactive member. Maintains service standards while working with constituents to resolve issues related to security controls.
|
25 |
Collects, examines, analyzes and reports to management regarding the causes, effects and implications of security incidents. Applies advanced IT security concepts, governmental regulations, departmental and campus, medical center or Office of the President policies and procedures to respond to and appropriately escalate complex IT security incidents.
- Investigates, analyzes, and responds to immediate and potential threats, using mitigation, preparedness, and response and recovery approaches to maximize survival of life, preservation of property, and information security. Performs threat and vulnerability assessment, prevention, monitoring, detection and remediation. Conducts endpoint and network digital forensics activities and facilitates automation and orchestration of incident response activities.
|
20 |
Additional IT Security-related tasks as assigned or according to procedure/standard; examples include, but are not limited to, systems automation, risk assessments, security awareness activities, and development of or updating policies, procedures, standards, and guidance.
|
15 |